Hackers are extremely creative. It’s not just phishing and knocking — hackers will try every crevice and every small hole, even things you would never think of as a way into your data center. You need zero-trust security because you never know how they’re going to slip behind the scenes and gain access to what you thought was an innocent little system. If you just protect the edge of your network, then all someone has to do is get under the fence. Here are a few memorable ways they’ve done it:
Target Corporation’s POS and the Air Conditioner
One of the biggest consumer breaches came from hackers who installed malware on the Point of Sale credit card machines in companies like Target. We’re talking the thing that controls the flow of money from the cash register to the bank, which you would think is a pretty important system — and it is.
But what Target didn’t think was a particularly critical system was the HVAC thermostat. As it turns out, the PoS and the thermostats were on the same network, so when the hackers got ahold of the password for the thermostats, they gained access to the entire network. That network, of course, was not just for one store; it gave them access to every store, and once they were able to load their malware – which copied and reported credit card numbers and expiration dates – on one machine, they were able to upload it to all machines throughout the company.
Faxing Your Way to Compromise
We don’t really do a lot of faxing anymore, but we do end up with the feature on those all-in-one printers that scan, fax, print, and do optical character recognition, or OCR. It was that combination of features that researchers from Check Point Software Technologies were able to exploit.
They faxed over lines of malicious code disguised as an image file to the printer, relying on the fact that no one usually checks the contents received over a fax. The file was decoded and stored in the printer’s memory, which allowed the researchers to take over the machine. Then, they were able to get into the rest of the company network, explore other devices, and use the fax machine connection to upload malware to those devices.
Having a Blue WiFi
Bluetooth is that thing you use to connect your phone to your car. WiFi is completely different, right? Well… not exactly. A number of enterprise WiFi access points have Bluetooth as a discovery method to allow WiFi access points to find each other and to be set up — the irony being that you can’t set up a wireless access point on WiFi because the WiFi isn’t set up yet.
The exploit has to be done over Bluetooth, which means you need to be physically within 100 meters or so of the access point — a laptop in a car outside the building could do it. However, the access gained is pretty frightening. The thing that every other thing needs to talk to is now compromised and can spread malicious code very quietly.
The Tiny Chip on the Server Board
Of course, we know about the tiny chip that found its way onto motherboards from the manufacturing plants supplying Super Micro Computer Inc. The chip didn’t do much, because it really didn’t have to do much. It reported the details of the machine to a central location, and basically held the door open for hackers to send bits of code into the operating system. Once the operating system is compromised, all bets are off. You don’t need the little chip anymore, because you now own all the big chips and network access.
At the end of the day there will always be some way for a hacker to crack open a window or slip in a back door. Whether they get friends on the inside like they did with the little chip, or someone just forgot to lock a door like the HVAC thermostat, the odds of an organization truly locking down the perimeter grow smaller and smaller every day as more “things” get connected and hackers get cleverer.
The moral of the story is: hold your code close, protect everything as close to that thing as you can, and remember, the network is already compromised.